Suppose there is one host that is accessing two different servers in the network.
When host A accesses host B, all we have to do is make sure that it gets to talk to it one to one, thus I configured this:
static (inside,outside) tcp 60.x.x.72 3392 22.214.171.124 3392 netmask 255.255.255.255
static (inside,outside) tcp 60.x.x.72 3394 126.96.36.199 3394 netmask 255.255.255.255
access-list acl_out_in permit tcp host 20.x.x.4 host 188.8.131.52 eq 3392
access-list acl_out_in permit tcp host 20.x.x.4 host 184.108.40.206 eq 3394
And host A can connect to host B successfully, no problem at all.
Now, when host A tries to connect to host C, we not only have to NAT/translate the source IP of this host but also, like the host B scenario, it should be one to one with it, so I configured the following:
static (outside,inside) 20.x.x.4 220.127.116.11 netmask 255.255.255.255
static (inside,outside) 60.x.x.72 18.104.22.168 netmask 255.255.255.255
access-list acl_out_in permit tcp host 60.x.x.72 host 22.214.171.124 eq 6003
Host A connects to host C successfully with no problem.
The issue I have here is that when I look at the netstat of host B, it shows host A (the remote host IP address) as 126.96.36.199, whereas it should be its original source IP address.
So is there a way it can be done, or is it the firewall itself that makes it not possible, and would it be causing any problem in the connection? Because currently, at random times, the connection drops automatically between host A and host B, so I assume it is because of this issue.
Any help would be great.